Vulnerabilities > Linux > Linux Kernel > 5.11.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-06 | CVE-2021-3501 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel in versions before 5.12. | 3.6 |
| 2021-04-22 | CVE-2021-23133 | Race Condition vulnerability in multiple products A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. | 7.0 |
| 2021-04-20 | CVE-2021-29155 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.x. | 5.5 |
| 2021-04-19 | CVE-2021-3506 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. | 7.1 |
| 2021-04-08 | CVE-2021-29154 | Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. | 7.8 |
| 2021-03-26 | CVE-2020-35508 | Improper Initialization vulnerability in multiple products A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. | 4.5 |
| 2021-03-22 | CVE-2021-28972 | Classic Buffer Overflow vulnerability in multiple products In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. | 6.7 |
| 2021-02-23 | CVE-2021-20194 | Improper Input Validation vulnerability in multiple products There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). | 7.8 |
| 2020-12-15 | CVE-2020-27777 | Missing Authorization vulnerability in multiple products A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. | 6.7 |
| 2020-01-31 | CVE-2019-3016 | Race Condition vulnerability in Linux Kernel In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. | 4.7 |